Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
Bas Westerbaan <bas@cloudflare.com> Sat, 01 April 2023 00:04 UTC
Return-Path: <bas@cloudflare.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 846FBC151551 for <tls@ietfa.amsl.com>; Fri, 31 Mar 2023 17:04:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lrfUe0H6vm-O for <tls@ietfa.amsl.com>; Fri, 31 Mar 2023 17:04:18 -0700 (PDT)
Received: from mail-yw1-x1131.google.com (mail-yw1-x1131.google.com [IPv6:2607:f8b0:4864:20::1131]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9ABDC14CE4C for <TLS@ietf.org>; Fri, 31 Mar 2023 17:04:18 -0700 (PDT)
Received: by mail-yw1-x1131.google.com with SMTP id 00721157ae682-544f7c176easo444657327b3.9 for <TLS@ietf.org>; Fri, 31 Mar 2023 17:04:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; t=1680307458; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=fSIlLMDQu5x8DC587OUqFWZyODbH7zJyW5Wh5FtbYJo=; b=SitpKgE2LD+SFav0OMqM/b+tDxBGBkKMQn/NrAYLEqsVVrebbzEJ4P1r3lF6e8TsHV M89g/YvEMw2iL1TPQUBawfXlutAnb7HySx+ry6Z6QcSIYa6g8HxgXHMCXDIa/kcD+bJ7 KF5dlZLgVo37loTox2f2jdN32XUAmDWqkmTt8=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680307458; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=fSIlLMDQu5x8DC587OUqFWZyODbH7zJyW5Wh5FtbYJo=; b=gqeyOY02wvugS4QC2eQdK5eMml1wZsMw9ol1dh6l7a9w79aoM10999UPmCE+l5n+CV wrkGvoVpyN9g11DmNbFQjyxVVoSmdMxjOGccXZunQIkDgvvCEz3LCfXb8hxcTlkYp+ur jf2MLaNaRarh4XhnOAo3qjLsW3YVq8luoPyUtrki2wMDHhlNcCEc2PI3G9Royn7eY50c VrLBLz6Chx0IUB/T6x8LbnE8hTQgn+vUit+RKGuBb5fSg74AyUWLRlmH+8DyT1h8/oPM igM8MfU7SQzF6B4J54ZZcquHARMWAgDqPechFk5Pzv7fIrtqmAXUK9RLQyvo4d84IllN gFNQ==
X-Gm-Message-State: AAQBX9eupW2eZ23Y7/VKHU12eRaabhFQjGAXa0Nzw/9S0+bz2LSHugt/ GJZd4qme/CAqs5b7x6aUaPU4WsODkFss/moTIz8racjiWbgOdXyeFeo=
X-Google-Smtp-Source: AKy350ahbSAbOXSMI2n/7N8wNV8dIECMzgd5iURQWWF44T/n1RNKjRYd3MBo+sDXeRRBJrafONr8/skhIFyQcfkFcJ4=
X-Received: by 2002:a81:c84a:0:b0:541:753d:32f9 with SMTP id k10-20020a81c84a000000b00541753d32f9mr14388253ywl.9.1680307457863; Fri, 31 Mar 2023 17:04:17 -0700 (PDT)
MIME-Version: 1.0
References: <FBE87FDA-A407-4DC8-A2E8-F39AB475C87B@heapingbits.net> <ZCUn1XDExUwMz0YC@LK-Perkele-VII2.locald> <CAMjbhoUGDUbUdZ3yNB6mEn0Ztm9-TLW21WUPrn=g2Mw_bz_Row@mail.gmail.com>
In-Reply-To: <CAMjbhoUGDUbUdZ3yNB6mEn0Ztm9-TLW21WUPrn=g2Mw_bz_Row@mail.gmail.com>
From: Bas Westerbaan <bas@cloudflare.com>
Date: Sat, 01 Apr 2023 02:04:06 +0200
Message-ID: <CAMjbhoXL7-QUE20w+OMJAuEJw=Bdz2Ubf9m6vQxxtkTzSRGEdA@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Cc: "TLS@ietf.org" <TLS@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000023da1f05f83b1180"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ogKLtiqZG5PWO5k-y11z0O1gTTU>
Subject: Re: [TLS] Consensus call on codepoint strategy for draft-ietf-tls-hybrid-design
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Apr 2023 00:04:22 -0000
Regarding additional key agreements. For the (public) web it would be best if we can agree on a default key agreement. If one half uses P-256+Kyber768 and the other X25519+Kyber768, then clients will either HRR half the time or need to send both. Neither are ideal. Obviously this point is moot for internal networks. So I do not oppose specifying additional preliminary key agreements, but I do not like to actively support it. What about specifying further preliminary key agreements in yet again a separate draft? Best, Bas On Sat, Apr 1, 2023 at 1:56 AM Bas Westerbaan <bas@cloudflare.com> wrote: > The draft draft-tls-westerbaan-xyber768d00-00 references >> draft-cfrg-schwabe-kyber-01, which has a number of annoying mistakes, >> since fixed in editor's copy. >> >> And then, the correct reference for X25519 is probably RFC7748 instead >> of RFC8037... >> >> >> Really quick and dirty way to fix this would be to publish editor's >> copy as draft-cfrg-schwabe-kyber-02 (or if CFRG adapts quickly, the >> RG-00), and then publish draft-tls-westerbaan-xyber768d00-01, fixing >> the references. >> > > Thanks, done. Posted -02 of both the Kyber and Xyber drafts. > > Best, > > Bas > >
- [TLS] Consensus call on codepoint strategy for dr… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Patton
- Re: [TLS] Consensus call on codepoint strategy fo… Richard Barnes
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Loganaden Velvindron
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] Consensus call on codepoint strategy fo… Hubert Kario
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] Consensus call on codepoint strategy fo… Kampanakis, Panos
- Re: [TLS] Consensus call on codepoint strategy fo… Scott Fluhrer (sfluhrer)
- Re: [TLS] Consensus call on codepoint strategy fo… Watson Ladd
- Re: [TLS] Consensus call on codepoint strategy fo… John Mattsson
- Re: [TLS] Consensus call on codepoint strategy fo… Bas Westerbaan
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Kampanakis, Panos
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Ilari Liusvaara
- Re: [TLS] [UNVERIFIED SENDER] Re: Consensus call … Eric Rescorla
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Krzysztof Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Salz, Rich
- Re: [TLS] Consensus call on codepoint strategy fo… Christopher Wood
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski
- Re: [TLS] Consensus call on codepoint strategy fo… Ilari Liusvaara
- Re: [TLS] Consensus call on codepoint strategy fo… Kris Kwiatkowski